Search in sources :

Example 1 with SecurityLoggerImpl

use of ddf.security.audit.impl.SecurityLoggerImpl in project ddf by codice.

the class AbstractIntegrationTest method initFacades.

@SuppressWarnings({ "squid:S2696" /* writing to static ddfHome to share state between test methods */
})
@PostTestConstruct
public void initFacades() {
    RestAssured.config = RestAssuredConfig.config().xmlConfig(XmlConfig.xmlConfig().namespaceAware(false));
    ddfHome = System.getProperty(DDF_HOME_PROPERTY);
    adminConfig = new AdminConfig(configAdmin);
    Security security = new org.codice.ddf.security.impl.Security();
    ((org.codice.ddf.security.impl.Security) security).setSecurityLogger(new SecurityLoggerImpl(new SubjectUtils()));
    // This proxy runs the service manager as the system subject
    serviceManager = (ServiceManager) Proxy.newProxyInstance(AbstractIntegrationTest.class.getClassLoader(), ServiceManagerImpl.class.getInterfaces(), new ServiceManagerProxy(new ServiceManagerImpl(metatype, adminConfig, bundleContext, bundleService, features), security));
    catalogBundle = new CatalogBundle(serviceManager, adminConfig);
    securityPolicy = new SecurityPolicyConfigurator(serviceManager, configAdmin);
    urlResourceReaderConfigurator = new UrlResourceReaderConfigurator(configAdmin);
    console = new KarafConsole(bundleContext, features, sessionFactory);
}
Also used : SecurityLoggerImpl(ddf.security.audit.impl.SecurityLoggerImpl) SubjectUtils(ddf.security.service.impl.SubjectUtils) UrlResourceReaderConfigurator(org.codice.ddf.itests.common.config.UrlResourceReaderConfigurator) Security(org.codice.ddf.security.Security) SecurityPolicyConfigurator(org.codice.ddf.itests.common.security.SecurityPolicyConfigurator) PostTestConstruct(org.codice.ddf.test.common.annotations.PostTestConstruct)

Example 2 with SecurityLoggerImpl

use of ddf.security.audit.impl.SecurityLoggerImpl in project ddf by codice.

the class SecurityPolicyConfigurator method createChecker.

private Callable<Boolean> createChecker(final Map<String, Object> policyProperties) {
    final ContextPolicyManager ctxPolicyMgr = services.getService(ContextPolicyManager.class);
    final PolicyManager targetPolicies = new PolicyManager();
    targetPolicies.setSecurityLogger(new SecurityLoggerImpl(new SubjectUtils()));
    targetPolicies.setPolicies(policyProperties);
    return () -> {
        for (ContextPolicy policy : ctxPolicyMgr.getAllContextPolicies()) {
            ContextPolicy targetPolicy = targetPolicies.getContextPolicy(policy.getContextPath());
            if (targetPolicy == null || !targetPolicy.getContextPath().equals(policy.getContextPath()) || !targetPolicy.getAuthenticationMethods().containsAll(policy.getAuthenticationMethods()) || !targetPolicy.getAllowedAttributeNames().containsAll(policy.getAllowedAttributeNames())) {
                return false;
            }
        }
        return true;
    };
}
Also used : PolicyManager(org.codice.ddf.security.policy.context.impl.PolicyManager) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) SecurityLoggerImpl(ddf.security.audit.impl.SecurityLoggerImpl) SubjectUtils(ddf.security.service.impl.SubjectUtils) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager)

Aggregations

SecurityLoggerImpl (ddf.security.audit.impl.SecurityLoggerImpl)2 SubjectUtils (ddf.security.service.impl.SubjectUtils)2 UrlResourceReaderConfigurator (org.codice.ddf.itests.common.config.UrlResourceReaderConfigurator)1 SecurityPolicyConfigurator (org.codice.ddf.itests.common.security.SecurityPolicyConfigurator)1 Security (org.codice.ddf.security.Security)1 ContextPolicy (org.codice.ddf.security.policy.context.ContextPolicy)1 ContextPolicyManager (org.codice.ddf.security.policy.context.ContextPolicyManager)1 PolicyManager (org.codice.ddf.security.policy.context.impl.PolicyManager)1 PostTestConstruct (org.codice.ddf.test.common.annotations.PostTestConstruct)1